Monday, November 28, 2011

ERM-BC-COOP

Government as risk

It's not the first time I have suggested that government - at all levels - should be considered a risk to the organization.

Usually we think of government making a rule that restricts the organization's business or adds additional regulations . . . and costs.

Sometimes, though, government may reduce or eliminate regulation.

According to an AdvisenFPN article that first appeared in the Wall Street Journal (http://tinyurl.com/7lad3qx) titled Critics Target Bribery Law , corporate America's top lobbyists are trying to limit the Foreign Corrupt Practices Act of 1977, a/k/a FCPA.

In a Joe Palazzolo-bylined article, the WSJ reports that the effort against FCPA has risen to the top of the lobbyists' agenda, sparking a widespread debate about how the legislation is enforced. The reason for the corporate war on FCPA: "In the past five years, a remarkable run of enforcement of the U.S. law has led to about $4 billion in penalties against corporations. The law prohibits companies from paying bribes to foreign officials to win business. A violation can result in criminal prosecution," the WSJ article noted.

I recently did a project for World Compliance (http://www.worldcompliance.com/en/default.aspx), an organization that specializes in FCPA. It has a multitude of clients in the financial industry who are, thanks in part to FCPA, concerned that their transactions and their clients are above reproach.

World Compliance is akin to the CIA - it collects information from around the world, vets it to assure accuracy, and they packages it for its clients. To its credit, World Compliance takes risk management very seriously.

Click on drawing to enlarge

While eliminating FCPA would not by itself put World Compliance out of business - as the name implies, the organization has clients worldwide and, in addition to FCPA, it also provide data to clients complying with European laws as well as U.S. Treasury Department regulations and the Patriot Act - emasculating or killing the FCPA could impact the organization's bottom line.

Of course World Compliance has more than U.S. lobbyists to consider. It has to take lobbyists into account every place it does business, and that is most of the world. Again, it's core business is gathering information about people from the four corners of the world, analyzing the information, and packing it for its clients.

As with the CIA, most of the data is public information; World Compliance's raison d'être is the analysis and vetting of the information, putting together all the pieces that may come from disparate sources.

No matter what the organization's purpose - be it commercial, industrial, a non-profit, or a charity - the whims of government must be considered a risk. Depending on the type government, the rulers may be swayed by money, favors owed, promises of votes or threats of loss of votes, or less polite measures.

FCPA hurt - and continues to hurt - organizations that did business by bribery. It hurt them because U.S. companies no longer were on a level playing field with their foreign competition, and it hurts them when - despite FCPA - they feel obliged to risk a bribe and get caught.